JP2004528739A - Encryption systems and methods for geolocking and securing digital information - Google Patents

Abstract

Methods and apparatus for controlling access to digital information use location identification attributes that define a particular geographic location. The location identification attribute is associated with the digital information so that the digital information can only be accessed at that particular geographic location. The position identification attribute further includes a position value and a proximity value. The position value corresponds to the position of the intended receiving appliance of digital information and can be further defined in terms of latitude, longitude and altitude dimensions. The digital information is encrypted using a geolock key based at least in part on the location identification attribute. The geolock key is based on a shape parameter determined from the position identification attribute and is included with the encrypted digital information. The shape parameters describe the shape of the geographic area, but do not identify where the geographic area is located. An appliance that receives the encrypted digital information can generate a geolock key to decrypt the digital information based on the received shape parameters and the appliance location.
[Selection diagram] FIG.

Description

ｆ（ρｌａｔ）およびｆ（ρｌｎｇ）からの８つの最上位桁の文字が使用されて、１６文字ストリング３９１０２００００７７２３４００が生成される。次に１６文字ストリングの個々の文字はそれぞれ４ビットオクテットに変換され、以下の６４ビットストリング初期キーが生成される：
【数２】

その後、６４ビットストリング初期キーは、ジェオロックキーを生成するために排他的オア機能（すなわち、ＸＯＲ）を使用して１６文字ストリングのオクテット展開１２３４５６７８９０１２３４５６と組合せられる。とくに、１６文字ストリングのオクテット展開１２３４５６７８９０１２３４５６は以下のとおりである：
【数３】

排他的オア機能を使用して２つの６４ビットストリングを組合せることにより生成されたジェオロック暗号化キーは以下のとおりである：
【数４】

【００６２】
図１６は、プレーヤ位置がジェオロックされたデータの位置識別性と一致した、すなわち近接エリア内に入っているときの、境界を付けられた方形近接エリアに対するジェオロックキーの生成を示している。この例において、プレーヤ位置（すなわち、３９．１０２１２０，７７．２３６１２０）は、図１５に関する上記の例において与えられた再生位置とは異なっている。しかしながら、示されるように、両計算セットにより同じ暗号化キーが生成され、方形の近接エリア内の任意のプレーヤ位置から暗号テキストデジタル情報が復元されることができることが証明される。特定されたプレーヤ位置に対して、形状ｐａｒｍパラメータは上述されたものと同じである。マッピング関数ｆ（ρｌａｔ）およびｆ（ρｌｎｇ）は以下のとおりである：
【数５】

このプレーヤ位置について、マッピング関数ｆ（ρｌａｔ）およびｆ（ρｌｎｇ）は上述された位置識別属性に対するものと同じであることを認識すべきである。したがって、初期キーおよびジェオロックキーはまた前に計算されたものと同じになる。したがって、プレーヤはジェオロックされたデジタル情報を特定されたプレーヤ位置から成功的に解読することができるであろう。
【００６３】
対照的に、図１７はプレーヤ位置がジェオロックされたデータの位置識別性と一致していない、すなわち位置識別性により規定された近接エリア外であるときの、境界を付けられた方形近接エリアに対するジェオロックキーの生成を示している。プレーヤ位置（すなわち、２８．５４３２１２，７３．５４３４５６）は、前の例で与えられた再生位置とは異なっている。この特定されたプレーヤ位置に対して、再び形状ｐａｒｍは前の例のものと同じであるが、しかしマッピング関数値はｆ（ρｌａｔ）およびｆ（ρｌｎｇ）に対して異なった値を与える。とくに、マッピング関数ｆ（ρｌａｔ）およびｆ（ρｌｎｇ）は以下のとおりである：
【数６】

ｆ（ρｌａｔ）およびｆ（ρｌｎｇ）からの８つの最上位桁の文字が使用されて、１６文字ストリング２８５４３００００７３５４２００が生成される。次に１６文字ストリングの個々の文字はそれぞれ４ビットオクテットに変換され、以下の６４ビットストリングの初期キーが生成される：
【数７】

前のように、６４ビットストリングの初期キーはその後、排他的オア機能（すなわち、ＸＯＲ）を使用して１６文字ストリングのオクテット展開１２３４５６７８９０１２３４５６と組合せられ、以下のようなジェオロックキーが生成される：
【数８】

初期キーおよび、したがってジェオロックキーは前に計算されたものと同じでないことは注目に値する。したがって、プレーヤは特定されたプレーヤ位置からジェオロックされたデジタル情報を解読することができないであろう。
【００６４】
以下図１８および１９を参照とすると、円形の近接エリアに対する暗号化／解読キーの計算の例が示されている。これらの図面は図９（上述された）に類似しているが、上記の好ましい方法を使用して円形の近接エリアに対する暗号化／解読キーの計算を示すために使用される。図１８は、円形の近接エリアに対する暗号化キーの生成を示している。位置識別属性は以下のとおりである：
位置識別属性＝（位置，近接）＝（（ｌａｔ，ｌｎｇ），（半径））＝
((３９.１０２４７９，７７.２３５７１１)，０．０００１)
形状ｐａｒｍパラメータは位置識別性から以下のように導かれる：
形状ｐａｒｍ＝（（ｏｌａｔ，ｏｌｎｇ），半径）＝((−0.000021， 0.000071)，0.0001)
円形近接エリアの直径Δｌａｔｌｎｇは０．０００２である。その後、形状ｐａｒｍは、ｆ（ρｌａｔ）およびｆ（ρｌｎｇ）を決定するために上述したマッピング関数において使用される：
【数９】

ｆ（ρｌａｔ）およびｆ（ρｌｎｇ）からの８つの最上位桁の文字が使用されて、１６文字ストリング３９１０２４０００７７２３５６０が生成される。次に１６文字ストリングの個々の文字はそれぞれ４ビットオクテットに変換され、以下の６４ビットストリング初期キーが生成される：
【数１０】

その後、６４ビットストリング初期キーは排他的オア機能（すなわち、ＸＯＲ）を使用して１６文字ストリングのオクテット展開１２３４５６７８９０１２３４５６と組合せられ、以下のジェオロックキーが生成される：
【数１１】

図１９は、プレーヤ位置がジェオロックされたデータの位置識別属性内である、すなわち、円形の近接エリア内に入っているときの、円形近接エリアに対するジェオロックキーの生成を示している。プレーヤ位置（すなわち、３９.１０２４２０，７７.２３５６９９）は、図１８に関して上記に示された位置識別性で規定された再生位置とは異なっている。しかしながら、示されるように、両計算セットから同じ暗号化キーが得られる。特定されたプレーヤ位置に対して、形状ｐａｒｍパラメータは図１８に関して上述したものと同じである。その後、形状ｐａｒｍパラメータは、ｆ（ρｌａｔ）およびｆ（ρｌｎｇ）を決定するために上述したマッピング関数において使用される：
【数１２】

このマッピング関数は、特定されたプレーヤ位置に関して、それらが位置識別性の位置部分を使用した場合と同じ結果を生じさせる。次に、以下の式を使用してそれが円形の近接エリア内に入っているか否かを決定するために座標（ρｌａｔ，ρｌｎｇ）が評価される：
ｄｉｓｔ＝ｓｑｒｔ（（ρｌａｔ−（ｆ（ρｌａｔ）＋半径＋ｏｌａｔ））²＋（ρｌｎｇ−（ｆ（ρｌｎｇ）＋半径＋ｏｌｎｇ））²
ｄｉｓｔ＝ｓｑｒｔ（（３９.１０２４２０−（３９.１０２４００＋０．００００１−０．００００２１））²＋
（７７.２３５６９９−（７７.２３５６００＋０．００００１＋０．００００７１））²）
ｄｉｓｔ＝０．００００８４１４
距離関数は半径以下である値を戻したので、プレーヤは円形領域の円周内に入っているか、あるいは円周上に位置している。反対に、距離関数が半径より大きい場合、ジェオロックキーは、無効キーである全て０の６４ビットストリングに設定され、ジェオロックされたデジタル情報を正しく解読しないであろう。上述したように、このプレーヤ位置に関して、マッピング関数ｆ（ρｌａｔ）およびｆ（ρｌｎｇ）は位置識別属性に対するものと同じである。したがって、プレーヤはジェオロックされたデジタル情報を特定されたプレーヤ位置から成功的に解読することができるであろう。
【００６５】
上述の位置識別属性暗号化システムおよび方法には多くの利点がある。位置識別性は、デジタル情報セキュリティ問題を克服し、ユーザに完全に透明な方式で暗号化キーを管理する手段を提供する。これによって、暗号化されたデジタル情報はインターネットのような公衆ネットワークを横切って容易に通信されることが可能になる。デジタル情報の準備が整えられた近接エリア内のユーザは、この情報にアクセスし、これを使用することができ、一方このエリア外のユーザはアクセスを拒否されるであろう。この点において、デジタル情報は、それが再生されることとなるターゲット位置に対して特定的に暗号化されるため、本発明は“カスタム”または“１対１”暗号化を行なう。また、カスタム暗号化によって、デジタル情報は、ジェオロックされた情報と共に含まれているターゲットのプレビューおよび広告マテリアルに対して正しい順序でカスタム化されることが可能となる。特定の位置に対してファイルが暗号化されたとき、カスタムプレビューマテリアルを含むようにそのエリアの人口統計が使用されることができる。たとえば、メキシコシティに対して暗号化されたマテリアルは、スペイン語のプレビューマテリアルを含んでいてもよく、一方メリーランド州のゲイザースバーグに対する類似のマテリアルは英語である。
【００６６】
位置識別属性ベースの暗号化は特性上、暗号化キーの共用に関して前の暗号化方法とは異なったアプローチを採用する。対称的な解読キーを構成するために不可欠な情報の２つの部分は、（ａ）再生装置に知られている再生位置と、および（ｂ）暗号化されたデジタル情報内と共に含まれている形状ｐａｒｍパラメータとを含んでいる。いずれか一方の情報部分だけでは、解読キーを構成するのに不十分である。暗号化は地理的エリアに特定されており、暗号化アルゴリズムはその解読が行われるユーザまたは装置に関して何も知る必要がない。同じデジタル情報の暗号解読は、位置識別属性により規定された領域内にその位置が入っていると識別された任意のマシン上で行われることができる。位置識別暗号化は、それが従来技術の方法の有用性を制限するキー分配問題を回避するという点で、以前の暗号化アルゴリズムとは異なっている。Ｗｉｒｅｄ Ｅｑｕｉｖａｌｅｎｔ Ｐｒｉｖａｃｙ（ＷＥＰ）のような対称的な暗号化方法、またはＤｉｆｆｉｅ−Ｈｅｌｌｍａｎのような非対称的な方法によるように暗号化キーの分配または共用を行う必要がない。また、セキュア・ソケット・レーヤ（ＳＬＬ）またはマルチパーハス・インターネット・メール・エクスチェンジ（Ｓ／ＭＩＭＥ）におけるように秘密キー交換を交渉する必要がない。
【００６７】
デジタル情報へのアクセスを制御するために位置識別属性が使用されることのできる多くのアプリケーションおよびデータフォーマットが存在している。ユーザは電話線、光ファイバ、ケーブルテレビジョン、衛星放送、無線またはその他のメディアを含む任意の都合のよい方法を使用して、ジェオロックされたデジタル情報を電子形態で受取ることができる。ユーザはまたカスタム生成されたジェオロックされたデジタル情報を、たとえば、ＣＤ−ＲＯＭ、ディスケット、ビデオカセットまたはテープ等の磁気またはその他の符号化されたメディアの形態で店またはベンダーから物理的に受取ってもよい。同様に、ジェオロックされたデジタル情報は、インターネットのような広域ネットワーク、イントラネットのようなローカルネットワーク、ｅメールへの接続のような個人とサーバコンピュータとの間のダイヤルアップアクセスを含むネットワークによって、あるいはデジタル広域携帯電話または別の無線デバイスによって伝送されることができる。ジェオロックされたデジタル情報は、ディスケット、ＣＤ−ＲＯＭ、テープ、固定されたまたは取外し可能なハードディスク、ＤＶＤ／ＣＤ−ＲＯＭ、フラッシュメモリ／ディスク、ＥＥＰＲＯＭ等に記憶されることができる。この方式で保護されることのできるデジタル情報のタイプには、いくつかの名をあげれば、音楽ファイル（たとえば、ＭＰ３）、ソフトウェア、文学作品、商取引ファイル、テキストファイル、ビデオ／グラフィックス、ページングメッセージ、広域携帯電話の会話および取引、ならびにデジタルファイルが含まれることができる。
【００６８】
例示的なアプリケーションにおいて、顧客はデジタルフィルムまたはオーディオをベンダーのカタログから注文する。このカタログはハードコピーまたはインターネットベースのものであってよく、その注文は郵便投函、電話、ファクシミリ送信またはインターネットベースの取引によって行われることができる。何れの発注方法でも、顧客の注文は再生位置を示している。この注文がベンダーによって調達されたときに、その顧客に関連した位置識別属性が決定され、暗号キーを生成するために使用され、後にこの暗号キーはそのメディアに対するデジタル情報ファイルを暗号化するために使用される。その後、購入されたメディアはその注文に対してカスタム暗号化され、ＤＶＤまたはＣＤ−ＲＯＭのようなフォーマットにコピーされ、ビューアと共にパッケージ化され、このビューアもまた位置識別属性に対してカスタム化されている。購入されたメディアの内容全体がコピーされた場合でさえ、その位置識別属性に対してカスタム化されたビューアおよびメディアが許容領域外での視聴を阻止する。この例示的なアプリケーションでは、位置識別性ならびにカスタム化された暗号およびビューアの使用により、デジタルメディアの著作権侵害および無許可使用ならびにコピーの問題に対して抵抗力の強い解決方法が提供される。
【００６９】
本発明の別の例示的なアプリケーションにおいて、位置識別性は、公衆ネットワークによって情報を“有線放送（narrowcast）”するために使用される。有線放送とは、この文脈では、ポイント・ツー・ポイント伝送、あるいは無制限の位置に対する放送とは対照的に、限られた視聴者に対する情報の伝送のことである。たとえば、局地的天候、交通情報、映画上映スケジュール、店舗情報等の多くのタイプの情報は、ある位置関係の範囲内でのみ使用可能である。このような位置依存性情報を使用するアプリケーションは、位置ベースアプリケーションと呼ばれることができる。位置識別性は、たとえば、天候に対するローカル地域、販売に対する店舗の位置および広告情報等の、それが関連する位置で識別されるネットワークによって情報を送信するために放送タイプのプロトコルを使用する方法を提供する。クライアントのアプライアンスの位置を使用することにより、そのクライアントのアプリケーションは情報に付与された位置識別性を使用して、それらの現在の位置に基づいて情報を選択的にスクリーンすることができる。それはまた、地理的に制限された有線放送アプリケーションに対して、機密保護されて安全な秘密通信を維持するために特有の位置ベースの共用暗号キーを設定する方法を提供することができる。
【００７０】
本発明の別の例示的なアプリケーションにおいて、位置識別性は、無線ネットワーク連結性に対する機密性およびセキュリティを強化するために使用される。無線ネットワーキングは、無線ポータブルまたはワークステーションがネットワークに接続することを可能にする“ブルートゥース”テクノロジーのようなネットワーキング装置およびプロトコルの出現と共に成年に達した。“ブルートゥース”は移動デバイス（たとえば、ラップトップ、ＰＤＡ、広域携帯電話等）とポイント・ツー・ポイントおよびマルチポイントアプリケーションをサポートするデスクトップデバイスとの間におけるデジタル音声およびデータの短距離送信用の公然の標準規格である。ネットワークによって通信しているあらゆる無線アプライアンスは特有の位置を有するため、位置識別性は、公衆ネットワークによって接続した無線デバイスに対する安全な機密通信を維持するために使用されることのできる特有の共用暗号キーを設定するために使用されることができる。
【００７１】
上述した実施形態および例示的なアプリケーションのそれぞれにおいて、ジェオロックされたデジタル情報にアクセスするアプリケーションプログラムとこれらのアプリケーションが動作する周辺およびネットワーク環境との間には少なくとも４つの論理的な境界が存在する。これらの境界には、（１）データ獲得／アプライアンスの境界、（２）記憶／アプライアンスの境界、（３）ユーザインターフェース／アプライアンスの境界、および（４）アプライアンス／位置の獲得の境界が含まれる。データ獲得／アプライアンスの境界とは、たとえば、位置識別属性が満足されない限り別のソースからデジタル情報を獲得できないアプライアンスのようなアプライアンスがデジタル情報を獲得した時点で位置識別性を実施することである。記憶／アプライアンスの境界とは、たとえば、位置識別性が満足されない限り、アプライアンスは記憶されたファイルをメモリから呼出すことができない等の、アプライアンスがデジタル情報を記憶した時点で位置識別属性を実施することである。ユーザインターフェース／アプライアンスの境界とは、たとえば、位置識別属性が満足されない限り、ユーザはアプライアンスのモニタ上でデジタル情報を見ることができない等の、ユーザに情報を与えた時点で位置識別属性を実施することである。アプライアンス／位置の獲得の境界とは、たとえば、組込み型ＧＰＳ受信機を使用してそのアプライアンス位置が獲得されない限り、ユーザが如何なる方法でもそのデジタル情報を見たり、記憶したり、検索したりする、あるいはそうでなければ使用することができない等の、アプライアンス位置の妥当性を検査することによってジェオロックされたデータへのアクセスを制限することである。本発明の任意の特定の実施形態により提供される相対的なセキュリティは、アクセス制御が実施される境界に関連していることを認識すべきである。
【００７２】
以上、デジタル情報へのアクセスを制御するために位置識別属性を使用するシステムおよび方法の好ましい実施形態を説明してきたが、当業者には、本発明の利点が達成されていることが明らかであろう。本発明の技術的範囲内において種々の修正、適応および別の実施形態が可能であることもまた認識しなければならない。さらに、本発明は添付された請求の範囲によって制限されている。
【図面の簡単な説明】
【００７３】
【図１】本発明の１実施形態にしたがって位置識別性により決定されたデジタル情報へのアクセスを示す概略図。
【図２】位置識別属性の構成要素を示すブロック図。
【図３】位置識別属性の位置決定値の構成要素を示すブロック図。
【図４】位置識別属性をデジタル情報と関連付けるための方法を示すフローチャート。
【図５】位置識別属性を使用してジェオロックされたデジタル情報へのアクセスを強化するための方法を示すフローチャート。
【図６Ａ】アプライアンスに対する位置識別性を決定するための方法を示すフローチャート。
【図６Ｂ】アプライアンスに対する位置識別性を決定するための別の方法を示すフローチャート。
【図６Ｃ】アプライアンスに対する位置識別性を決定するための別の方法を示すフローチャート。
【図６Ｄ】アプライアンスに対する位置識別性を決定するための別の方法を示すフローチャート。
【図７】ジェオロックされたデジタル情報をサーバ透視図から生成する方法を示すフローチャート。
【図８】境界を付けられた方形の近接エリアに対する位置識別性からの、暗号化パラメータの計算を示す図。
【図９】円形の近接エリアに対する位置識別性からの、暗号化パラメータの計算を示す図。
【図１０】位置識別性暗号化処理の方法を示すフローチャート。
【図１１】ジェオロックキーを発生する方法を示すフローチャート。
【図１２】ジェオロックされたデジタル情報をクライアント透視図から見る、または再生するための方法を示すフローチャート。
【図１３】ジェオロックキーを発生する方法を示すフローチャート。
【図１４】位置識別性ベースの解読処理の方法を示すフローチャート。
【図１５】対応したジェオロックキーを計算するために使用される境界を付けられた方形の近接エリアの一例を示す図。
【図１６】再生装置の位置がジェオロックされたデータの位置識別性と一致している、対応したジェオロックキーを計算するために使用される境界を付けられた方形の近接エリアの一例を示す図。
【図１７】再生装置の位置がジェオロックされたデータの位置識別性と一致していない、対応したジェオロックキーを計算するために使用される境界を付けられた方形の近接エリアの一例を示す図。
【図１８】対応したジェオロックキーを計算するために使用される円形の近接エリアの一例を示す図。
【図１９】対応したジェオロックキーを計算するために使用される円形の近接エリアの一例を示す図。【Technical field】
[0001]
The present invention relates to the communication of digital information, and more particularly, to a method and system for encrypting digital information using location security attributes.
[Background technology]
[0002]
The rapid advancement of computer, communication and networking technologies is opening up new opportunities and applications that were not possible a few years ago. These advances are illustrated by the explosive spread of the Internet. As is known in the art, the Internet is an interconnection of computer networks that allows computers of all kinds to communicate with each other and share information. Companies, individuals, government agencies, charities and academic centers of all sizes constantly use the Internet to share information, distribute services and exchange content extensively. The Internet functions as a distributed network of systems that are not controlled or managed by any organization. Physical and logical paths that facilitate the exchange of information link these networks together.
[0003]
Despite the very high value that this information access has brought to society, confidentiality, authenticity, integrity, unauthorized use, confidentiality of transactions, site protection, etc. Controlling the security of the information it contains remains an important issue. The remarkable openness of the Internet makes it very difficult to know for sure that the information is protected. As a result, Internet users must make no assumptions about the authenticity or use of the data they transmit or receive.
[0004]
The root of this problem stems from the unique organization of the Internet. The purpose of the TCP / IP protocol on which the Internet is based is to simply deliver packets of information between any computer connected to the Internet without dictating the path that data packets take in the network. Anyone with a computer and basic Internet software can connect to the Internet as a fully capable host and provide Internet services to another user. Information traversing the Internet passes through many computers along its way, and each computer can access the information. This problem will continue to worsen in the future as new network connections to the Internet (such as wide area mobile phones, broadband cables, laser and microwave networks) become more widespread.
[0005]
Cryptographic systems that have historically performed information security and access control have lagged behind the Internet. In an encryption system, the sender uses an encryption algorithm to convert the original data, or "plaintext," into an encoded equivalent called "ciphertext." Thereafter, the ciphertext can be decrypted (or decrypted) by the receiver, thereby returning it to plaintext. The encryption algorithms use keys that are typically binary numbers 40 to 128 bits in length. The larger the number of bits in a key, the more key combinations are possible, and the longer it takes to resolve the code. The data is encrypted or "locked" by mathematically combining the bits in the key with the data bits. At the receiving end, this key is used to "unlock" the code and restore the original data.
[0006]
Prior to the Internet, cryptography primarily relied on a secret key system in which both the sender and the recipient used a secret key (also known as a symmetric key) to encrypt and decrypt the plaintext. Was. Security relies on senders and recipients who know the secret key, and has proven to be sufficient for governments and large corporations to protect their confidential information. Secret key systems are not very effective at controlling access to the amount of information traffic on the Internet, mainly because of the difficulty in distributing the secret key to users without compromise.
[0007]
An alternative to such a dedicated key system is public key cryptography, which uses two keys known as a dedicated key and a public key. Each party has a private key that is kept secret and not shared, and a public key that is made publicly available. The public key is used to encrypt the plaintext information, and the private key is used to decrypt the ciphertext message. The private key must not be mathematically derived from the public key. The communicating parties may exchange their public keys over an unsecured communication channel, such as the Internet, and then use the public keys to encrypt their messages. The recipient then uses the private key to decrypt the message. Nevertheless, the disadvantages of public key cryptography remain. Public key encryption is computationally intensive and therefore time consuming to use. According to some speculations, public key systems are typically 100 times slower than their corresponding dedicated keys, so they are not suitable for audio and video systems where computationally intensive compression / decompression must also be performed. Is not practical. Another problem arises from the distribution of public keys, which greatly grows companies (eg, Verisign) that act as centralized registrars or signing authorities to access and validate public keys. In view of these drawbacks, public key encryption has been used for only a small part of the overall Internet communication. For most such communications, security issues do not appear to be severe enough to justify the inconvenience and expense of public key management.
[0008]
One form of public key cryptography that overcomes some of these drawbacks is PGP, which stands for "very good confidentiality." PGP allows individuals to sign each other's key certificates, thereby eliminating the need for a centralized signing authority. Although PGP is becoming increasingly accepted, it is still only used for some of the Internet traffic due to the difficulty of key distribution and management. Thus, the widespread use of encryption on the Internet will only be widely accepted if it is implemented in a manner that seems transparent to the user.
[0009]
Another important consideration for communication systems is the prevention of unauthorized copying of copyrighted digital content. With respect to conventional computing and communication systems, a lack of conscience can easily create and distribute countless identical copies of copyrighted works in digital form (eg, music, copyrighted works, photos, videos, software, etc.). be able to. In addition, commercially available file indexing services allow computer users to easily locate and access digital files on another user's computer system, thereby causing widespread piracy. The likelihood of having increased significantly. One such service, offered by Napster, Inc. (San Mateo, CA), is to locate a common MP3 format music file on another computer that is currently logged on to the Internet. Provide a file sharing application that works in conjunction with a website. A similar service, known as Gnutella, provides users with software and documentation on the Gnutella Net, a loose and free union of users and organizations that makes various information available worldwide. Provide a file sharing system that allows searching. Gnutella, unlike Napster, which is tailored for music files and provides a centralized listing, Gnutella Net is a peer-to-peer network that includes all types of files. Although these file sharing systems also have a legitimate purpose in allowing users to share non-copyrighted files, they also violate copyright law. Widely used to get protected files. The illegal use of these file sharing systems represents a serious threat to copyright owners.
[0010]
Active security management of the Internet is not an effective solution for copyright holders. Given the widespread and anonymous nature of Internet piracy, such management efforts are logically difficult. In addition, public opinion that information content exchanged on the Internet must be free makes large-scale security management efforts unattractive from a public relations perspective. To solve this problem, various digital rights management (DRM) systems have been created that protect the copyright of digital content distributed by focusing on precautionary measures. For example, a proposed DRM system for the record industry, known as Secure Digital Music Initiative (SDMI), sets out a set of rules for securely distributing digital music over the Internet. SDMI provides guidelines for developing compliant DRM systems that include container formats that software and hardware players must support to play the material. It was announced in February 1999 that SDMI will be supported by the Recording Industry Association of America (RIAA) and the top five music production companies of Sony, Warner, BMG, EMI and Universal.
[0011]
Despite these efforts, DRM systems offer at best an incomplete solution for several reasons. First, assuming the availability of infringing content on the Internet, illegally downloading digital files over the Internet rather than legally purchasing a copy of the material via the normal sales channel would be It is much more convenient and cheaper for the user. Illegally obtained materials may be of lower quality compared to legitimate copies, but convenience and negligible expense often compensate for this shortcoming. Second, most DRM technologies rely on some form of encryption to protect digital information. To be very effective, both stakeholders in the encryption scheme must have the right to keep the encrypted information confidential. The legal purchaser of the content has the right to view the content, but has no right to ensure that the confidentiality provided by encryption is preserved. To this end, many DRM solutions use digital certificates or licenses that attempt to hide the decryption key from the user. In such a system, all copies of the content are encrypted in the same way, and the media player validates the user's rights to display or play the decrypted content. However, because the encrypted content and the decryption key are hidden but still accessible to the user, sophisticated users can reverse-process the DRM solution to The decrypted content can be decrypted and the decrypted content copied and distributed without any interruption. Less technically, other methods of obtaining an unencrypted copy of the content, such as videotaping each frame of the digital video data file while the content is displayed legitimately during playback Shooting and the like can also be used by a user without conscience.
DISCLOSURE OF THE INVENTION
[Problems to be solved by the invention]
[0012]
Therefore, it would be highly desirable to provide a method for controlling digital information exchange that overcomes these and other disadvantages. In particular, it is desired to provide an information exchange system and method that allows for security and control over access to information and that prevents unauthorized copying of copyrighted content.
[Means for Solving the Problems]
[0013]
The method and apparatus for controlling access to digital information according to the present invention uses location identification attributes that define a particular geographic location. The location identification attribute is associated with the digital information so that the digital information can only be accessed at that particular geographic location. The position identification attribute further includes a position value and a proximity value. The position value corresponds to the position of the intended receiving appliance of digital information and can be further defined in terms of latitude, longitude and altitude dimensions. The proximity value corresponds to the zone surrounding the location. The location identification attribute may further include a time value such that the digital information can be accessed only at a particular geographic location and during a particular time period.
[0014]
In one embodiment of the present invention, digital information is encrypted and decrypted using a geolocking key based on location identification attributes. The geolock key is based on a shape parameter determined from the position identification attribute and is included with the encrypted digital information. The shape parameter describes the shape of the geographic area, but does not identify where the geographic area is located. An appliance that receives the encrypted digital information can generate a geolock key to decrypt the digital information based on the received shape parameters and the appliance location. If the appliance location is not within the proximity area of the location identification attribute, the appliance cannot generate a geolock key to decrypt the digital information. Thus, location identifiability is enhanced by allowing the decoding of digital information only at specific geographic locations.
[0015]
In view of the following detailed description of the preferred embodiments, those skilled in the art will more fully understand systems and methods for using location identifiability to control access to digital information, with additional advantages and advantages thereof. You will recognize the purpose. Reference is made to the drawings, which are attached at the end of the description and provide a brief description.
BEST MODE FOR CARRYING OUT THE INVENTION
[0016]
The present invention satisfies the need for a digital information exchange control method that allows for security and control over access to information and prevents unauthorized copying of copyrighted content. In the following detailed description, the same component numbers are used to represent the same components shown in one or more drawings. In this detailed description, various terms are used, including:
[0017]
Appliance: An electronic device, system, network, and the like, with minimal capacity to capture digital and location information. These electronic devices often include processing functions for executing program instructions, and memory capacity for short-term and long-term data storage, and may also include the ability to transmit information.
[0018]
Associate location identification attributes: A method of marking location identification attributes on digital information.
[0019]
Coordinate system: Location is indicated by latitude and longitude, a coordinate system based on the degree to which any location on the earth is uniquely identified. Latitude is measured as the angle from the Earth's equator (0 °) to the North Pole (90 ° North) or the South Pole (90 ° South). Latitude lines are formed by circles running parallel to the equatorial plane. All integer latitude lines are equidistant from each other. The latitude of a location is a measure of the angle between the equatorial plane and a line projected from the center of the earth. The longitude line is formed by a large circle that intersects both the North and South Pole. Each longitude can be thought of as splitting the earth in half. Longitude is measured in a half circle from 0 ° to 180 ° east and 0 ° to 180 ° west from Royal Greenwich Observatory in Greenwich, England. The longitude line at 0 ° is called the prime meridian. The longitude of a location is a measure of the angle between the plane formed by the large circle and the prime meridian. In this detailed description, latitude and longitude coordinates for locations in Maryland are used as examples for certain drawings. When represented as decimal, longitude coordinates in Maryland are usually represented as negative numbers. However, in the following description, these longitude coordinates are consistently represented as positive numbers to facilitate the description of the method underlying the present invention.
[0020]
Digital information: Digital information is information represented in a digital format. Examples of information that can be represented digitally include text, data, software, music, video, graphics, and the like.
[0021]
Enforce location identities: A way to access or deny access to digital information according to the associated location identification attributes of the digital information.
[0022]
Geocode: A unique encoding of a location on earth, usually associated with a coordinate system. Some geocodes identify point locations, such as when a location was identified by its latitude and longitude. Another geocode may identify an area, such as a zip code.
[0023]
Geolock: An association made between digital information and a geographic area defined by location identification attributes.
[0024]
Geo-locked information: Digital information that is associated with a location identification attribute and is accessible only within an area defined by the location identification attribute.
[0025]
Location: any geographic location. It can be, but is not limited to, an exact point, the location of an area or region, a point contained within a proximity area, or a location on the earth. A position may also include a height (or altitude) to identify a position above or below the surface of the earth, or a time to identify a position in a temporal dimension.
[0026]
Position identification: accurate encoding of position. Attributes of the information can be used to define exactly where the information is accessed, but is not limited to such. The location identity may be the encoding of a point, an area, an area with an associated point, a corridor (ie, its centerline having a length on either side of the centerline), or a location. May be made by any other accurate spatial and temporal identification.
[0027]
Positional variance: The minimum resolution at which a geocode at one location may not be able to accurately distinguish it from its neighbors. For example, if the military grid point indicating method is used with two characters of accuracy, the accuracy of any location is only within 10 kilometers.
[0028]
Playback location: the location part of the location identification attribute that would be allowed to access the digital information.
[0029]
Player location: The location of the appliance attempting to play the geolocked file.
[0030]
Proximity: The zone or area containing the location.
[0031]
The above definitions do not limit the scope of the invention, but rather clarify the terms used in describing the invention. It should be recognized that the defined terms also have different meanings for those skilled in the art. These and other terms are used in the detailed description that follows.
Referring to FIG. 1, there is shown a schematic diagram of the present invention illustrating access to digital information determined by location identifiability. Location identifiability is an attribute of information that accurately determines the geographical area or region to which the information is accessible. Two geographic areas, designated A and B, are shown within the Americas on map 101. The information 130 is represented in digital format and has an associated location identification attribute 131 that precisely defines the geographical area A as an area where the digital information can be accessed. If the appliance 112 is located within this geographic area A, the digital information 130 will be accessible by that appliance. Conversely, if appliance 122 is located in geographic area B (or somewhere other than geographic area A), digital information 130 will not be accessible. Thus, location identifiability represents an attribute of digital information that determines the exact geographic area where the digital information can be accessed. Digital information that has a location-identifying property is called "geo-locked," and a system that implements the location-identifying attribute geo-locks the associated digital information to a geographic region defined by the location-identifying attribute.
[0032]
In FIG. 2, the location identification attribute 140 is shown as including two items of information, a location value 142 and a proximity value 143. Position value 142 corresponds to a particular position at a particular location. Many different coordinate systems have been developed, such as latitude and longitude, where any location is uniquely identified by a numerical value. For the purposes of the present invention, any coordinate system that uniquely identifies a location can be used as the position value 142 of the position identification attribute 140. The proximity value 143 corresponds to a zone or area range surrounding the position. If the proximity value 143 is set to zero, null, sky, etc., or some other value indicating that the area referenced by the location identification attribute is a unique point, May be included. It should be appreciated that the proximity value 143 is different from the position variance. Proximity value 143 is representative of an area or region, while position variance is the minimum resolution at which a geocode or a position may not be able to be accurately distinguished from a position adjacent thereto.
[0033]
FIG. 3 shows the position value 142 in more detail. As mentioned above, many different coordinate systems are commonly used that result in a set of numbers that uniquely identify every location in the coordinate system. In the present invention, the position value 142 is defined with respect to a specific position indication or geocode, as indicated by 142a. Therefore, latitude 144 and longitude 145 using the normal coordinate system can further define the geocode. Known such as Earth Centered, Earth-fixed Gaussian coordinate system, Universal Transverse Mercator (UTM), Military Grid Reference System (MGRS), World Geographic Reference System (GEOREF), etc. Other systems can also be conveniently used. In addition to the latitude 144 and longitude 145, the position value may further include an altitude 146 as shown at 142b, which altitude 146 corresponds to a height above the sea level. . Alternatively, the position value may further include a time value 147, indicated at 142c, which may be specified with respect to a date and / or time range. This allows the definition of the location identification attribute to take into account both geographical and / or temporal access to information.
[0034]
Any geographic region or area that includes a location value 142 of location identity can function as a proximity value 143 to the location identification attribute 140. The proximity value 143 may include a rectangular region defined by two adjacent longitude lines (indicating the edges of a horizontal line) and two adjacent latitude lines (indicating the edges of a vertical line). Alternatively, the proximity value 143 may include a circular area represented by a single number defining a radius around the location. A circular region can be further defined as either an elliptical area centered at the location, or a circular or elliptical area encompassing the location but not necessarily at the center of mass. In another form, the proximity value 143 may include an irregular closed polygon or corridor. In yet another form, the proximity value 143 may correspond to a known geographic region, such as a country in Brazil. Another type of known geographic area in which the proximity value 143 can be defined includes a zip code, state, county, merged city, and the like.
[0035]
In accordance with the present invention, whenever geolocked digital information is stored, stored, or copied, subsequent access to the digital information is limited to the geographic area defined by the location identification attribute 140 As such, the location identification attribute 140 is associated with the digital information. FIG. 4 illustrates a general method of associating the digital information with a location identification attribute 140 that accurately defines the area where the digital information will be accessible or played. It should be appreciated that this method is analogous to setting file attributes, such as the read-only attribute for a computer file when it is stored. This method is used for terminals such as personal computers, servers, personal digital assistants (PDAs), laptops, workstations, networks, wide area mobile phones and the like, for communication or delivery to another party. Performed by a system or device having sufficient data processing power and memory to generate, manipulate, and process digital information. Software or embedded firmware instructions running on the system or device cause this method to be performed.
[0036]
In particular, the method starts at step 200 with a command to store or store digital information with location identification attributes. In step 202, the position value 142 for the digital information is retrieved and stored for later use. The location value 142 does not necessarily correspond to the geographic location at which the method is invoked on the appliance, but rather the location identification attribute (described above) for the appliance that will be granted access to the digital information. In step 204, the proximity value 143 of the appliance location identification attribute is retrieved and stored for later use. In the following, various methods of generating the position and proximity values 142, 143 will be described in more detail. In addition to such methods, the location and proximity values 142, 143 may also be pre-stored in memory and retrieved therefrom, or the end user may be queried to provide the information. In step 206, the retrieved position and proximity values 142, 143 are used to generate a position identification attribute 140. Thereafter, in step 210, digital information 216 is associated with location identification attribute 140 to provide geolocked digital information 218.
[0037]
Attempts to access information that has been geolocked by a read or copy operation performed by the playback appliance will be rejected unless the playback appliance identifies a valid location identification attribute. This is done by evaluating the associated location identity of the digital information against the location of the playback appliance to determine whether they match. FIG. 5 illustrates a general method for implementing access to digital information by location identification attributes. Logically, this method is the manner in which the operating system currently enforces the read-only attribute on a file, i.e., allows a user to access the file for reading, but denies access for writing. It is similar to the method of doing. The method allows the reception of digital information communicated or distributed by another party such as a personal computer, server, router, personal digital assistant (PDA), workstation, network, wide area mobile phone, laptop, etc. By a system or device that has sufficient data processing capacity and memory to Software or embedded firmware instructions running on the system or device cause this method to be performed.
[0038]
In particular, the method starts at step 220 with a command to access digital information. In step 222, the geolocked digital information 218 is accessed to read and store the associated location identification attribute 140. It should be appreciated that only the location-identifying portion of the geolocked information is accessed, not the digital information itself. The location identification attribute 140 of the geolocked information is stored for further use in the method. At step 224, the method determines the location of the appliance accessing the digital information. As described below, there are various possible ways to determine the appliance location 160. Appliance location 160 is stored for further use in the method. At step 226, the method determines whether the location of the appliance matches an area defined by location identity 140. If the appliance location 160 matches the location identification attribute 140, access to the geolocked digital information 218 is enabled at step 228. Conversely, if the appliance location 160 does not match the location identification attribute 140, access is denied at step 230.
[0039]
6A-6D illustrate several exemplary methods for determining the playback position of an appliance attempting to access geolocked digital information. These methods are performed by the system as part of the procedure for implementing location identification attributes with digital information, as described above with respect to FIG. It should be appreciated that other methods of determining the playback position of the appliance can also be used effectively.
[0040]
FIG. 6A illustrates an address decoding method 240 in which a geocode is decoded from a street address for an appliance that will receive geolocked digital information. In step 242, the address for the appliance is retrieved. The address information can be reconstructed from memory based on previous communications with the appliance from which the address was obtained. Alternatively, the appliance may prompt to provide address information as the first part of the information transaction. Once retrieved, the address information is decoded at step 244 to derive a particular geocode. This step may use a commercially available software program that can generate coordinate-specific geocodes from addresses, such as MapMarker OCX component version 4.2 from Mapinfo, Inc. (Troy, New York). If it is desired to include a time element with respect to the location identification attribute, at step 246 the current time is retrieved from the appliance, such as by reading the time from the appliance system clock. It should be appreciated that this step 246 is optional, and in many applications a time element is not required. Finally, in step 248, the geocode and time are converted into a format that can be used as a position value 142 for the position identification attribute 140.
[0041]
FIG. 6B illustrates an appliance licensing method 250 in which location values are derived from licenses stored on the appliance. License packs are a well-known feature of many systems and are commonly used to validate access to appliance programs. A license pack is a digital file that contains information about the user / license. They are not unbreakable, but are organized and encrypted to be a reliable way of validating the user. In this embodiment of the invention, the license pack includes a coordinate-specific geocode that identifies the location of the appliance. At step 252, the license packs stored on the appliance are accessed and searched. Thereafter, in step 254, the geocode is restored from the license. If it is desired to include a time element for the location identification attribute, at step 256 the current time is retrieved from the appliance, such as by reading the time from the appliance system clock. It should be recognized that this step 256 is optional and that in many applications a time element is not required. Finally, in step 258, the geocode and time are converted into a format that can be used as position value 142 for position identification attribute 140.
[0042]
FIG. 6C illustrates a GPS data restoration method 260 in which position values are restored from a GPS receiver embedded in the appliance. As known in the art, the Global Positioning System (GPS) is a satellite-based radio navigation system developed and operated by the US Department of Defense. GPS enables users on the ground, at sea and on aircraft to determine and determine their three-dimensional position, speed and time anywhere in the world, in all weather, 24 hours a day. The GPS system provides less than 100 meters of accuracy to civilian users worldwide, while military and civilian users in the United States have much higher accuracy. The GPS position information is based on a coordinate system called World Geodetic System 1984 (WGS84), and is similar to a latitude and longitude coordinate system. The commercial availability of GPS receivers has generally increased, and in this embodiment it is expected that the appliance will include an embedded GPS receiver. For example, GPS receivers are available as PCMCIA cards, such as Rockwell's NavCard or Trimble Navigation's GPScard, and Novalel manufactures GPS receivers for general-purpose IBM PCs. At step 262, a GPS receiver embedded in the appliance is accessed. At step 264, the geocode is recovered from the embedded GPS receiver. Optionally, the time value may also be recovered from the GPS receiver. Finally, in step 266, the geocode and the optional time value are converted into a format that can be used as a position value 142 for the position identification attribute 140.
[0043]
FIG. 6D illustrates a triangulation data restoration method 270 for determining the position of the appliance. As is known in the art, triangulation is a method often used by satellites, wide area mobile phones, navigation systems and other wireless signal operators to provide accurate location information. The Loran-C system is an example of a commercially available navigation system that provides location information by triangulating RF signals from a plurality of fixed location RF transmitters. In step 272, the system determines the direction of the appliance by accessing the RF signal transmitted by the appliance. In step 274, a geocode is calculated from the RF signal using a triangulation algorithm. Finally, in step 276, the geocode is converted to a format that can be used as position value 142 for position identification attribute 140. If a time element is required in the location identification attribute 140, the current time is read from the appliance's system clock in the same manner described above.
[0044]
According to one embodiment of the present invention, the digital information is encrypted prior to transmission to the appliance, and the location identification attribute 140 is used to generate a location identification attribute based key used to encrypt the digital information. used. The layer of encryption added to the digital information enforces the restrictions on access defined by the location identification attribute 140. FIG. 7 illustrates an encryption method that associates digital information with a location identification attribute 140 used to convert plaintext digital information (media) into geolocked encrypted digital information. The method can be performed by a server coupled to a network, such as the Internet, for distributing the encrypted digital information to users connected to the network. Digital information is accessed by the server from media storage memory 152. Preview information, such as advertisements or other similar material in digital form, may also be accessed by the server from preview storage memory 154. Digital information and preview information are stored in plain text form in media storage memory 152 and preview storage memory 154. The particular digital information to be geolocked is assigned a unique media ID 150 that is used to index the plaintext digital information in the media storage memory 152.
[0045]
The method starts at step 300 with a command to generate geo-locked digital information encrypted according to a location identification attribute. In step 302, the requested digital information (or media) is accessed from media storage memory 152 in association with a corresponding media ID 150. Because the digital information is custom encrypted for the proximate geographic area, the preview information can be custom adjusted for the closest geographic area referenced and included with the encrypted media. Alternatively, demographic information about the target customer may be known and can be used to further refine the included preview information. If an additional preview is to be included, it is accessed from preview storage memory 154 at step 304 and concatenated with the requested digital information. The plaintext digital information and the linked preview information are used as input to the encryption process performed in step 306.
[0046]
The cryptographic process in step 306 uses a location identification attribute 140 that defines the shape of a geographic area defined by location and proximity values. The location identification attribute 140 is used to generate a geolock key 166 used for encryption, as described in further detail below. Thereafter, in step 308, the plaintext is encrypted and the geolocked information is packaged by adding a parameter called a shape parameter (shape palm) to the front of the ciphertext. In particular, the geolock key is used to deterministically modify the plaintext information and the concatenated preview information using an encryption algorithm to provide the geolocked digital information 156. The information 156 includes the digital information in the cipher text form 158 and the linked preview information, and the plain text form parm157. The shape palm defines the shape of the important area without identifying a specific position corresponding to the important area. The shape “parm” is a non-positional conversion of the proximity part of the position identification attribute 140. The non-position refers to a characteristic of the shape palm that defines the shape of the proximity area without referring to the actual position.
[0047]
Each shape palm has a characteristically different size depending on whether the proximity area defined by the position identification attribute 140 is a circle or a bounded rectangle. Using this different size, the client receiving the geolocked digital information 156 determines whether the file should be processed for a circular or bounded rectangular proximity area. Alternatively, the format of the shape palm may be included as a field in the geolocked digital information.
[0048]
In a preferred embodiment of the invention, a mapping function is used to map different coordinates in the proximity area to the same value. The mapping function is given by:
f (x) = Δ * int (x / Δ)
Where int is a function that returns the integer part of its argument in parentheses. Using x as the latitude of the geocode location and Δ as the length of the border between the latitudes, or using x as the longitude of the geocode location and Δ as the length of the border between the longitudes By using the grid, the grid can be configured for the entire latitude / longitude coordinate system. Every geocode in a grid cell will be converted to the same value when the above function is applied to its latitude and longitude. Since the "large square" boundary does not have to lie directly on the boundary that is an exact multiple of the length of the bounding edge, the no-position offset measure is calculated using the lower edge of the boundary, Used to linearly shift the grid.
[0049]
FIG. 8 shows the determination of the parameter shape parm from the position identification attributes for a bounded rectangular proximity area. The horizontal lines in the figure correspond to latitude lines, and the vertical lines correspond to longitude lines. The equator (latitude) and Greenwich (longitude) are shown. The dotted grid represents latitude and longitude lines for a rectangular grid of the same size as the rectangular proximity area. The grid is centered at 0 degrees latitude (ie, the equator) and 0 degrees longitude (ie, Greenwich). The position discrimination for a bounded rectangle includes a position portion that is the latitude (lat) and longitude (lng) of the playback position. Proximity is represented by two sets of coordinates. The first set of coordinates provides a latitude line defining the lower portion of the rectangle and a longitude line defining the left side of the rectangle, and is represented by (βlat1, βlng1). The second set of coordinates provides a latitude line defining the top of the rectangle and a longitude line defining the right side of the rectangle, and is represented by (βlat2, βlng2). From the position discrimination, the shape parm is calculated by calculating the length of the sides of the first bounded rectangle. The distance between the latitude lines is indicated by Δlat, and is the absolute difference between βlat2 and βlat1 [that is, abs (βlat2−βlat1)]. The distance between the longitude lines is denoted by Δlng, and is the absolute difference between βlng2 and βlng1 [ie, abs (βlng2-βlng1)].
[0050]
Next, transform coefficients are calculated using the mapping function described above. The latitude conversion factor (olat) is calculated according to the following formula:
olat = βlat1-Δlat * int (βlat1 / Δlat)
The longitude conversion factor (olng) is calculated according to the following formula:
olng = βlng1-ΔLng * int (βLng1 / ΔLng)
These equations are used to linearly shift the coordinate values. The shape parm is the number of two sets (Δlat, Δlng) and (olat, olng). It is worth noting that the shape parm is positionless, ie it depends only on the size of the square proximity area and not on the exact location of the square proximity area. When the mapping function is used by the shape palm, the following function will have the same value for any latitude / longitude coordinates (ρlat, ρlng) in the rectangular proximity area:
f (ρlat) = Δlat * (int ((ρlat-olat) / Δlat)
f (ρlng) = ΔLng * (int ((ρLng−olng) / ΔLng)
In particular, the value pair (f (ρlat), f (ρLng)) will have the same value for all coordinates on and inside the lower and left sides of the bounding rectangle, and the value will be the shape parm and the coordinates (ρlat, ρlng) only. These functions will be used to construct the encryption key used to geolock the digital information.
[0051]
FIG. 9 shows the determination of the shape palm parameter from the position discrimination for a circular proximity area. As in the previous drawing, the horizontal lines correspond to latitude lines and the vertical lines correspond to longitude lines. The dashed grid represents latitude and longitude lines for a square grid of the same size as the square exactly surrounding the circular proximity area. The position discrimination for the circular proximity area is based on the fact that the position part defined by the latitude (lat) and the longitude (lng) of the reproduction position and the single part, that is, the proximity part defined by the radius of the circular proximity area, Contains. From the location identification attributes, the shape palm is calculated by first determining the diameter as twice the radius of the circular proximity area. From this value, the size for the square grid is obtained as shown in FIG. Next, the transform coefficients are calculated and use the mapping function described above. The latitude conversion coefficient (olat) and longitude conversion coefficient (olng) are calculated according to the following formula:
olat = lat−radius− (Δlatng * int (lat / Δlatlng))
olng = lng-radius-([Delta] latng * int (lng / [Delta] latng))
Here, Δlatlng corresponds to the diameter of the circular proximity area. These equations are used to linearly shift the coordinate values. The shape parm is the number (olat, olng) and radius of the two sets. When the mapping function is used by the shape palm, the following function will have the same value for any latitude / longitude coordinates (ρlat, ρlng) in the rectangle bounding the circular proximity area:
f (ρlat) = Δlatlng * (int ((ρlat-olat) / Δlatlng)
f (ρlng) = ΔLngLng * (int ((ρLng−olng) / ΔLatLng)
In particular, the value pair (f (ρlat), f (ρlng)) has the same value for all coordinates on and within the lower and left sides of the grid square, the value being the shape parm and the coordinates (Ρlat, ρlng). These functions will be used to construct a geolock key used to encrypt digital information. Finally, the coordinates (ρlat, ρlng) can be evaluated to determine whether it falls within the circular proximity area using the following equation:
dist = sqrt ((ρlat− (f (ρlat) + radius + olat))^Two+ (Ρlng− (f (ρlng) + radius + olng))^Two
On the other hand, dist is equal to or smaller than the radius and is on the circumference of the circular proximity area or is within the circumference.
[0052]
According to another embodiment of the present invention, the digital information is encrypted before being transferred or stored by the appliance, and the location identification attribute 140 is a location-identity-based geo-location used to encrypt the digital information. Used to generate lock keys. The layer of encryption added to the digital information enforces the access restrictions defined by the location identification attribute 140.
[0053]
FIG. 10 illustrates an encryption method for associating digital information with location identification attributes 140 that is used to convert plaintext digital information (media) into geolocked encrypted digital information. The method may be performed by the appliance before storing the digital information in a local memory (eg, a hard disk) or before transmitting the digital information to another appliance or network.
[0054]
The position identification attribute 140 to be used to geolock the plaintext digital information 170 is used to calculate two parameters: (a) a reproduction position parameter 162 and (b) a shape palm parameter 157. . The reproduction position parameter 162 is a position portion of the position identification attribute 140. The shape palm parameter 157 is a positionless transformation of the proximity of the position identification attribute calculated for the square or circular bounded region described above. Both the position and shape palm parameters are used as inputs to the key generation process 310 to construct a geolock key 166 that cannot be reasonably inferred or reconstructed. In the preferred embodiment of the present invention, the geolock key 166 is 64 bits in length, but it should be appreciated that any length can be used to advantage. The resulting sequence is used by the encryption process 312 to encrypt the plaintext data 170 by performing a bitwise exclusive OR. This results in encrypted bytes of a length equal to the number of data bytes in the plaintext 170. The encrypted data (or ciphertext) 158 is concatenated with the shape parm 157 parameter and stored as geolocked digital information 156. It should be appreciated that other known encryption algorithms can also be used to advantage.
[0055]
The exemplary encryption process 312 is similar to another widely used encryption method, but with one major difference. 64-bit encryption keys combined with plaintext using an exclusive-or function (ie, XOR) are used commercially in protocols such as Wired Equivalent Privacy (WEP). Implementation of WEP must consider the key management problem of how to distribute keys to the stations participating in the conversation, and so encryption / decryption can be performed. However, there is no key distribution problem in the present invention. The encryption / decryption key may consist only of the locationless information included with the digital information and the playback position for the appliance. Only appliances located within the proximity area defined by the location identification attribute when the file is encrypted can view or play the digital information. Alternatively, the time parameter of the location identification attribute 140 may be used instead of or with the proximity parameter to construct the encryption key.
[0056]
FIG. 11 shows the above-described key generation process 310 used to generate the geolock key 166 from the shape par value and the playback position (lat, lng) value in further detail. The initial key generation process 322 generates an initial 64-bit encryption key 174 using the shape palm 157 and the location parameters 162. This initial key 174 is then used in a secret key generation process 324 (ie, a concealment function) that further uses the deterministic mathematical transformation of the initial key 174 to further secure and generate the geolock key 166. In the following, the initial key generation process 322 and the secret key generation process 324 used to generate the initial key will be described in more detail with reference to FIG.
[0057]
After the digital information has been encrypted in accordance with any of the above embodiments of the invention, the appliance may decrypt the digital information in the clear to thereby allow the digital information to be viewed or played back. Perform the decryption process. FIG. 12 shows a decryption method for restoring plaintext digital information from geolocked digital information. The method begins at step 320 with a command to access geolocked digital information encrypted according to a location identification attribute. At step 322, the appliance location 160 is determined using one of the methods described above with respect to FIGS. 6A-6D. Appliance location 160 may be stored by the appliance for further use in this manner. In step 324, the geolocked digital information 156 is accessed. As described above, the geolocked digital information 156 includes a shape palm parameter 157 and a ciphertext 158. A decryption process is performed at step 326, where the shape palm parameter 157 and the player are used to decrypt the encrypted information and determine the geolock key used to generate the plaintext digital information 170. Position 160 is used. The plaintext digital information 170 may then be used by the appliance in any desired manner, such as, for example, spooling the digital information to a printer and viewing the digital information on a display / playback device. Hereinafter, the decryption processing step 326 will be described in more detail with reference to FIG.
[0058]
Referring to FIG. 13, an exemplary process for generating a geolock key used for either encryption or decryption is shown. The values (flat (ρlat)), (flng (ρlng)) calculated above for the square and circular proximity areas, respectively, are used as inputs to generate a geolock key. These values are calculated from the shape parm and position values, as described above with respect to FIGS. The latitude value flat (ρlat) is in the format sll. Ddddddd is formatted as a 10 character latitude string 184 in process step 332 to generate, where s is a sign. Similarly, the longitude value flng (ρlng) 183 is in the format slll. The ddddddd is formatted as an 11 character longitude string 185 at process step 334 to generate. Thereafter, in process step 336, all non-numeric characters (ie, sign and decimal point) are removed from the latitude string 184 and the longitude string 185, and the resulting longitude string 185 is converted to the resulting latitude. Concatenated with string 184, a 17 character string 186 having the format lddddddlldddddd is generated. In process step 338, the 17-character string 186 is converted to a 64-bit binary string. In particular, the last character of the 17-character string is dropped, resulting in a 16-character string where all characters are numeric. Because each numeric character can be represented by a 4-bit octet (eg, “1” is octet “0001”, “2” is octet “0010”, etc.), each character in the 16-character string Are concatenated to produce a 64-bit binary string. This 64-bit binary string provides the initial key 174 used to encrypt the digital information as described above.
[0059]
This initial key 174 is then processed by a concealment function 340 that converts it into a secret or geolock key 166. It should be recognized that in the preferred embodiment of the invention, another more complex concealment function can also be used, but a relatively simple concealment function is used. In accordance with the concealment function 340, the initial key 174 is combined with a 64-bit binary string associated with the 16-character string octet expansion 12345678123456 using an exclusive-or function (ie, XOR). This produces a geolock key 166 that is used for both encryption and decryption. Importantly, the value of this geolock key 166 will be the same for all locations within the proximity area corresponding to the geolocked digital information. In a preferred embodiment of the present invention, the concealment function is implemented as a software routine, however, it is recognized that implementing a full encryption algorithm including the concealment function in the electronic circuit results in strong encryption. Should.
[0060]
FIG. 14 is a flowchart illustrating a decryption method applicable to an appliance attempting to search for a geolocked object. In this manner, the player position 160 may be known, or may be retrieved from memory or determined as previously shown with respect to FIGS. 6A-6D. The method begins at step 342 where a shape palm 157 from geolocked digital information 156 is used with a player position 160 to generate a geolock key 166. Thereafter, in step 344, the ciphertext digital information 158 is decrypted using the geolock key 166 so as to obtain the plaintext digital information 170. As described above, the decryption step 344 may perform an exclusive OR function between the geolock key 166 and the ciphertext digital information 158.
[0061]
15-17, various examples of bounded rectangular proximity areas are shown. These drawings are similar to FIG. 8 (described above), but are used to calculate the geolock key for a bounded rectangular proximity using the preferred method shown above. . FIG. 15 shows a first bounded rectangular proximity area used to generate a geolock key. The location identification attributes are as follows:
Position identification = (position, proximity) =
((39.102479, 77.235771), ((39.102100, 77.235000), (39.103100, 77.237000)))
The shape palm parameter is derived from the location identification attribute as follows:
Shape parm = ((Δlat, Δlng), (olat, olng)) = ((0.001, 0.002), (0.0001, 0.001))
The shape parm is then used in the mapping function described above to determine f (ρlat) and f (ρlng):
(Equation 1)

The eight most significant digits from f (ρlat) and f (ρlng) are used to generate a 16 character string 39102000007723400. Then each individual character of the 16-character string is converted to a 4-bit octet, producing the following 64-bit string initial key:
(Equation 2)

The 64-bit string initial key is then combined with the 16-character string octet expansion 1234567890123456 using an exclusive-or function (ie, XOR) to generate a geolock key. In particular, the octet expansion 123456789123456 for a 16 character string is as follows:
(Equation 3)

The geolock encryption key generated by combining two 64-bit strings using the exclusive-or function is as follows:
(Equation 4)

[0062]
FIG. 16 illustrates the generation of a geolock key for a bounded rectangular proximity area when the player location matches the location identity of the geolocked data, ie, when within the proximity area. In this example, the player positions (ie, 39.102120, 77.236120) are different from the playback positions given in the example above with respect to FIG. However, as shown, both computation sets generate the same encryption key, proving that the ciphertext digital information can be recovered from any player location within the rectangular proximity. For the specified player position, the shape palm parameters are the same as described above. The mapping functions f (ρlat) and f (ρlng) are as follows:
(Equation 5)

It should be appreciated that for this player position, the mapping functions f (ρlat) and f (ρlng) are the same as for the position identification attributes described above. Thus, the initial key and the geolock key will also be the same as previously calculated. Thus, the player will be able to successfully decode the geolocked digital information from the specified player location.
[0063]
In contrast, FIG. 17 shows the geolocation for a bounded rectangular proximity area when the player location does not match the location identity of the geolocked data, ie, is outside the proximity area defined by the location identity. Fig. 9 shows generation of a lock key. The player position (ie, 28.543212, 73.5543456) is different from the playback position given in the previous example. Again for this specified player position, the shape palm is the same as in the previous example, but the mapping function values give different values for f (ρlat) and f (ρlng). In particular, the mapping functions f (ρlat) and f (ρlng) are as follows:
(Equation 6)

The eight most significant digits from f (ρlat) and f (ρlng) are used to generate a 16 character string 2854300007354200. The individual characters of the 16-character string are then each converted to 4-bit octets, generating the following 64-bit string initial key:
(Equation 7)

As before, the initial key of the 64-bit string is then combined with the 16-character string octet expansion 123456789123456 using an exclusive-or function (ie, XOR) to generate a geolock key as follows:
(Equation 8)

It is worth noting that the initial key, and thus the geolock key, is not the same as the one calculated previously. Therefore, the player will not be able to decrypt the geolocked digital information from the specified player location.
[0064]
Referring now to FIGS. 18 and 19, an example of calculating the encryption / decryption key for a circular proximity area is shown. These figures are similar to FIG. 9 (described above), but are used to illustrate the calculation of the encryption / decryption key for a circular proximity using the preferred method described above. FIG. 18 shows generation of an encryption key for a circular proximity area. The location identification attributes are as follows:
Position identification attribute = (position, proximity) = ((lat, lng), (radius)) =
((39.102479, 77.235711), 0.0001)
The shape palm parameter is derived from the position discrimination as follows:
Shape parm = ((olat, olng), radius) = ((− 0.000021, 0.000071), 0.0001)
The diameter Δlatlng of the circular proximity area is 0.0002. The shape parm is then used in the mapping function described above to determine f (ρlat) and f (ρlng):
(Equation 9)

The eight most significant digits from f (ρlat) and f (ρlng) are used to generate a 16-character string 3910240007723560. Then each individual character of the 16-character string is converted to a 4-bit octet, producing the following 64-bit string initial key:
(Equation 10)

The 64-bit string initial key is then combined with the 16-character string octet expansion 12345678901123456 using an exclusive OR function (ie, XOR) to generate the following geolock key:
(Equation 11)

FIG. 19 shows the generation of a geolock key for a circular proximity area when the player position is within the location identification attribute of the geolocked data, ie, within the circular proximity area. The player position (ie, 39.102420, 77.235699) is different from the playback position defined by the position identification shown above with respect to FIG. However, as shown, the same encryption key is obtained from both calculation sets. For the identified player position, the shape palm parameters are the same as described above with respect to FIG. The shape palm parameters are then used in the mapping function described above to determine f (ρlat) and f (ρlng):
(Equation 12)

This mapping function produces the same result with respect to the identified player positions as if they used the position-identifying position part. Next, the coordinates (ρlat, ρlng) are evaluated to determine whether it falls within the circular proximity area using the following equation:
dist = sqrt ((ρlat− (f (ρlat) + radius + olat))^Two+ (Ρlng− (f (ρlng) + radius + olng))^Two
dist = sqrt ((39.102420- (39.102400 + 0.00001-0.000021))^Two+
(77.235699- (77.235600 + 0.00001 + 0.000071))^Two)
dist = 0.00008414
Since the distance function has returned a value that is less than or equal to the radius, the player is within or on the circumference of the circular area. Conversely, if the distance function is larger than the radius, the geolock key will be set to a 64 bit string of all zeros, which is an invalid key, and will not correctly decode the geolocked digital information. As described above, for this player position, the mapping functions f (ρlat) and f (ρlng) are the same as for the location identification attribute. Thus, the player will be able to successfully decode the geolocked digital information from the specified player location.
[0065]
The location identification attribute encryption system and method described above has many advantages. Location identities overcome digital information security issues and provide users with a means to manage encryption keys in a completely transparent manner. This allows encrypted digital information to be easily communicated across public networks, such as the Internet. Users in the proximity area where the digital information is ready can access and use this information, while users outside this area will be denied access. In this regard, the present invention provides "custom" or "one-to-one" encryption, since the digital information is specifically encrypted to the target location where it is to be played. Custom encryption also allows the digital information to be customized in the correct order for target preview and advertising material included with the geolocked information. When a file is encrypted for a particular location, the demographics of that area can be used to include custom preview material. For example, the material encrypted for Mexico City may include a preview material in Spanish, while a similar material for Gaithersburg, MD is in English.
[0066]
The location-identification attribute-based encryption characteristically employs a different approach to sharing encryption keys from previous encryption methods. The two pieces of information that are essential to constructing a symmetric decryption key are: (a) the playback position known to the playback device; and (b) the shape contained within the encrypted digital information. parm parameter. Either part of the information alone is not sufficient to construct a decryption key. Encryption is specific to a geographic area, and the encryption algorithm does not need to know anything about the user or device from which the decryption takes place. Decryption of the same digital information can be performed on any machine identified as having its location within the area defined by the location identification attributes. Location identification encryption differs from previous encryption algorithms in that it avoids the key distribution problem that limits the usefulness of prior art methods. There is no need to distribute or share the encryption key as in a symmetric encryption method such as Wired Equivalent Privacy (WEP) or an asymmetric method such as Diffie-Hellman. Also, there is no need to negotiate a secret key exchange as in Secure Sockets Layer (SLL) or Multi-Performance Internet Mail Exchange (S / MIME).
[0067]
There are many applications and data formats in which location identification attributes can be used to control access to digital information. The user can receive the geolocked digital information in electronic form using any convenient method, including telephone lines, fiber optics, cable television, satellite broadcasting, wireless or other media. The user may also physically receive the custom generated geolocked digital information from a store or vendor in the form of magnetic or other encoded media such as, for example, a CD-ROM, diskette, video cassette or tape. Good. Similarly, geolocked digital information may be transmitted over a wide area network such as the Internet, a local network such as an intranet, a network including dial-up access between an individual and a server computer such as a connection to e-mail, or digitally. It can be transmitted by a wide area mobile phone or another wireless device. The geolocked digital information can be stored on a diskette, CD-ROM, tape, fixed or removable hard disk, DVD / CD-ROM, flash memory / disk, EEPROM, etc. The types of digital information that can be protected in this manner are, to name a few, music files (eg, MP3s), software, literary works, commerce files, text files, videos / graphics, paging messages. , Wide area mobile phone conversations and transactions, and digital files.
[0068]
In an exemplary application, a customer orders digital film or audio from a vendor catalog. This catalog may be hard copy or Internet based, and the order may be placed by mailing, telephone, facsimile transmission or Internet based transaction. In any ordering method, the customer's order indicates the playback position. When this order is procured by a vendor, the location identification attributes associated with that customer are determined and used to generate an encryption key, which is later used to encrypt digital information files for that media. used. The purchased media is then custom encrypted for the order, copied to a format such as a DVD or CD-ROM, packaged with a viewer, which is also customized for location identification attributes. I have. Even if the entire content of the purchased media is copied, a viewer and media customized for that location identification attribute will prevent viewing outside of the allowed area. In this exemplary application, location identities and the use of customized encryption and viewers provide a solution that is resistant to piracy and unauthorized use of digital media and the problem of copying.
[0069]
In another exemplary application of the invention, location identities are used to "narrowcast" information over public networks. Cable broadcasting, in this context, is the transmission of information to a limited audience, as opposed to point-to-point transmission, or broadcasting to unlimited locations. For example, many types of information, such as local weather, traffic information, movie show schedules, store information, etc., are only available within certain geographic relationships. Applications that use such location-dependent information may be referred to as location-based applications. Location identities provide a way to use broadcast-type protocols to transmit information over a network identified by the location to which it relates, such as, for example, local area for weather, store location for sale, and advertising information. I do. By using the location of the client's appliance, the client's application can selectively screen the information based on their current location using the location identity imparted to the information. It can also provide a way to set a unique location-based shared encryption key for geographically restricted cable broadcasting applications to maintain secure and secure confidential communications.
[0070]
In another exemplary application of the invention, location identity is used to enhance confidentiality and security for wireless network connectivity. Wireless networking has matured with the advent of networking devices and protocols such as "Bluetooth" technology that allow wireless portables or workstations to connect to the network. “Bluetooth” is an open source for short-range transmission of digital voice and data between mobile devices (eg, laptops, PDAs, wide area mobile phones, etc.) and desktop devices supporting point-to-point and multipoint applications. It is a standard. Because every wireless appliance communicating over a network has a unique location, location identity is a unique shared encryption key that can be used to maintain secure confidential communication to wireless devices connected by a public network. Can be used to set
[0071]
In each of the embodiments and exemplary applications described above, there are at least four logical boundaries between application programs that access geolocked digital information and the peripheral and network environments in which those applications operate. These boundaries include (1) data acquisition / appliance boundaries, (2) storage / appliance boundaries, (3) user interface / appliance boundaries, and (4) appliance / location acquisition boundaries. A data acquisition / appliance boundary is the enforcement of location identity when an appliance acquires digital information, such as, for example, an appliance that cannot acquire digital information from another source unless the location identification attributes are satisfied. A storage / appliance boundary is the enforcement of location identification attributes at the time the appliance stores digital information, for example, the appliance cannot retrieve stored files from memory unless location identifiability is satisfied. It is. A user interface / appliance boundary refers to the enforcement of a location identification attribute at the time the information is provided to the user, such as, for example, the user cannot view digital information on the monitor of the appliance unless the location identification attribute is satisfied. That is. An appliance / location acquisition boundary may include, for example, a user viewing, storing, or retrieving the digital information in any manner, unless the appliance location is acquired using an embedded GPS receiver. Or restricting access to geolocked data by validating the appliance location, such as otherwise not possible to use. It should be appreciated that the relative security provided by any particular embodiment of the present invention is related to the boundaries where access control is enforced.
[0072]
Having described preferred embodiments of systems and methods that use location identification attributes to control access to digital information, it will be apparent to one skilled in the art that the advantages of the present invention have been achieved. Would. It should also be recognized that various modifications, adaptations and alternative embodiments are possible within the scope of the invention. Furthermore, the present invention is limited by the appended claims.
[Brief description of the drawings]
[0073]
FIG. 1 is a schematic diagram illustrating access to digital information determined by location identification according to one embodiment of the present invention.
FIG. 2 is a block diagram showing components of a position identification attribute.
FIG. 3 is a block diagram showing components of a position determination value of a position identification attribute.
FIG. 4 is a flowchart illustrating a method for associating location identification attributes with digital information.
FIG. 5 is a flowchart illustrating a method for enhancing access to geolocked digital information using location identification attributes.
FIG. 6A is a flowchart illustrating a method for determining location identity for an appliance.
FIG. 6B is a flowchart illustrating another method for determining location identity for an appliance.
FIG. 6C is a flowchart illustrating another method for determining location identity for an appliance.
FIG. 6D is a flowchart illustrating another method for determining location identity for an appliance.
FIG. 7 is a flowchart illustrating a method of generating geolocked digital information from a server perspective.
FIG. 8 illustrates the calculation of encryption parameters from location identities for a bounded rectangular proximity area.
FIG. 9 is a diagram showing calculation of an encryption parameter from position discrimination with respect to a circular proximity area.
FIG. 10 is a flowchart illustrating a method of a location identification encryption process.
FIG. 11 is a flowchart illustrating a method for generating a geolock key.
FIG. 12 is a flowchart illustrating a method for viewing or playing geolocked digital information from a client perspective.
FIG. 13 is a flowchart illustrating a method for generating a geolock key.
FIG. 14 is a flowchart illustrating a method of a position identification based decoding process.
FIG. 15 illustrates an example of a bounded rectangular proximity area used to calculate a corresponding geolock key.
FIG. 16 shows an example of a bounded rectangular proximity area used to calculate a corresponding geolock key, where the position of the playback device is consistent with the location identity of the geolocked data. .
FIG. 17 shows an example of a bounded rectangular proximity area used to calculate a corresponding geolock key, where the position of the playback device does not match the location identity of the geolocked data. .
FIG. 18 is a diagram showing an example of a circular proximity area used to calculate a corresponding geolock key.
FIG. 19 is a diagram showing an example of a circular proximity area used to calculate a corresponding geolock key.

Claims (42)

Identify location identification attributes that define at least a particular geographic location,
Generating a geolock key based at least in part on the location identification attribute;
Encrypting the digital information using the geolock key, wherein the encrypted digital information controls access to digital information that can only be accessed at the particular geographic location. how to. The method of claim 1, wherein said identifying step further comprises identifying at least a position value and a proximity value. The method of claim 2, wherein the position value corresponds to a position of an intended receiving appliance of the digital information. The method of claim 2, wherein the position value further includes a latitude and longitude dimension. The method of claim 2, wherein the proximity value corresponds to a zone surrounding the location. 3. The method of claim 2, further comprising generating a shape parameter based on the proximity value, wherein the shape parameter defines a shape of an area surrounding the particular geographic location. The method of claim 6, further comprising generating an initial key based on the shape parameter. Generating said geolock key based on said initial key; and said encrypting step further comprises encrypting said digital information using said geolock key. 7. The method according to 7. The method of claim 6, further comprising packaging the shape parameter with the encrypted digital information. 10. The method of claim 9, further comprising transmitting the shape parameters and the encrypted digital information to an end user. The method of claim 1, further comprising, prior to the encrypting step, selecting preview information to include the preview information with the digital information. The method of claim 1, further comprising the step of storing the encrypted digital information in a fixed format including at least one of a CD-ROM, DVD, diskette, video cassette, and tape. The method of claim 9, wherein the transmitting step further comprises transmitting the encrypted digital information in electronic form via at least one of a telephone line, a video cable, satellite broadcast, fiber optic, and wireless. . Searches for location data that identifies a specific geographic location of the playback appliance,
Accessing geo-locked data including the encrypted digital information and shape parameters defining a shape of an area surrounding the particular geographic location;
Generating a geolock key using at least the shape parameter and the position data;
A method for restoring encrypted digital information, comprising decrypting the digital information using the geolock key. The method of claim 14, wherein the location data further includes a latitude and longitude dimension. The method of claim 14, wherein the generating further comprises generating an initial key based on the shape parameter. 17. The method of claim 16, wherein said generating further comprises generating said geolock key based on said initial key. The method of claim 14, wherein the accessing step further comprises receiving the geolocked data from a remote transmitting device. The method of claim 14, wherein the geolocked data further includes preview information. The method of claim 14, wherein the accessing step further comprises retrieving the geolocked data from a storage medium including at least one of a CD-ROM, DVD, diskette, video cassette, and tape. 15. The method of claim 14, wherein the step of accessing further comprises receiving the geolocked data in electronic form by at least one of a telephone line, a video cable, a satellite broadcast, fiber optics, and a radio. Identify location identification attributes that define at least a particular geographic location,
Generating a geolock key based at least in part on the location identification attribute;
Software instructions operable to encrypt the digital information using the geolock key and cause the processor to perform functions that can be accessed only at the particular geographic location. An apparatus for controlling access to digital information comprising a processor having a memory configured to store. 23. The apparatus of claim 22, wherein said identifying function further comprises at least a function of identifying a position value and a proximity value. The apparatus of claim 23, wherein the position value corresponds to a position of an intended receiving appliance of the digital information. The apparatus of claim 23, wherein the position value further includes a latitude and longitude dimension. The apparatus of claim 23, wherein the proximity value corresponds to a zone surrounding the location. 24. The apparatus of claim 23, further comprising generating a shape parameter based on the proximity value, wherein the shape parameter defines a shape of an area surrounding the specific geographic location. 28. The apparatus of claim 27, further comprising a function of generating an initial key based on the shape parameter. 29. The apparatus of claim 28, further comprising the function of generating the geolock key based on the initial key. 28. The apparatus of claim 27, further comprising the function of packaging said shape parameters with said encrypted digital information. 31. The apparatus of claim 30, further comprising transmitting the shape parameters and the encrypted digital information to an end user. 23. The apparatus of claim 22, further comprising a function of selecting preview information and including the preview information with the digital information before performing the encrypting function. 23. The apparatus of claim 22, further comprising a server coupled to the processor and configured to transmit the encrypted digital information to an end user over a network connection. An apparatus for controlling access to digital information comprising a processor having a memory, comprising:
The memory stores software instructions that operate to cause the processor to perform the following functions.
Searching for location data identifying a particular geographic location of the device;
Accessing geolocked data including encrypted digital information and shape parameters defining a shape of an area surrounding the particular geographic location;
Generating a geolock key using at least the shape parameter and the position data;
An apparatus for controlling access to digital information causing a processor to perform a function of decrypting the digital information using the geolock key. 35. The apparatus of claim 34, wherein said location data further includes a latitude and longitude dimension. 35. The apparatus of claim 34, wherein the generating function further includes generating an initial key based on the shape parameter. 37. The apparatus of claim 36, wherein the generating function further includes generating the geolock key based on the initial key. 35. The apparatus of claim 34, wherein the accessing function further comprises receiving the geolocked data from a remote transmitting device. The apparatus of claim 34, wherein the geolocked data further includes preview information. 35. The apparatus of claim 34, wherein the accessing function further comprises a function of retrieving the geolocked data from a storage medium including at least one of a CD-ROM, DVD, diskette, video cassette, and tape. 35. The apparatus of claim 34, wherein the accessing function further comprises a function of receiving the geolocked data in electronic form by at least one of a telephone line, a video cable, satellite broadcasting, fiber optics, and radio. The apparatus of claim 34, further comprising a GPS receiver coupled to the processor and configured to provide the location data.

Images